Vulnerability Assessment Tools

NetSPI consultants dedicate time and resources to develop open-sourced tool sets that strengthen the infosec community.

Want to see more of our open source projects? Check out our GitHub repositories.

 

 

PowerUpSQL

PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server.
https://github.com/NetSPI/PowerUpSQL/wiki

Inveigh

Inveigh is a PowerShell ADIDNS/LLMNR/mDNS/NBNS spoofer and man-in-the-middle tool designed to assist penetration testers/red teamers that find themselves limited to a Windows system.
https://blog.netspi.com/inveigh-whats-new-in-version-1-4/
https://github.com/Kevin-Robertson/Inveigh

MicroBurst

MicroBurst includes functions and scripts that support Azure Services discovery, weak configuration auditing, and post exploitation actions such as credential dumping. It is intended to be used during penetration tests where Azure is in use.
https://blog.netspi.com/enumerating-azure-services/
https://github.com/NetSPI/MicroBurst

NetSPI SQL Injection Wiki

This wiki’s mission is to be a one-stop resource for fully identifying, exploiting, and escalating SQL injection vulnerabilities across various Database Management Systems.

Read about the SQL Injection Wiki on our blog
Learn more on our SQL Injection Wiki

PESecurity

PowerShell module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode.
https://github.com/NetSPI/PESecurity

Burp Extractor

Burp Extractor is intended to be used as a one-size-fits-all tool for extracting data from HTTP responses to be reused in HTTP requests. This can be items such as CSRF tokens, Auth Bearer tokens, timestamps, etc. The extension uses regex to extract needed data from responses, and will insert extracted data into any HTTP request sent through Burp which matches a second regex.
https://blog.netspi.com/introducing-burp-extractor/
https://github.com/NetSPI/BurpExtractor

JSON Beautifier

This is a Burp Extension for beautifying JSON output. There exists a Python version in the BApp Store at the moment. After some difficulties with Jython I opted to port it to Java.
https://blog.netspi.com/beautifying-json-in-burp/
https://github.com/NetSPI/JSONBeautifier

AWS Signer

This is a Burp Extension for AWS Signing.
https://github.com/NetSPI/AWSSigner

Wsdler

This is a Burp Extension for parsing WSDLs.
https://github.com/NetSPI/Wsdler

Tokenvator

This is a tool for altering Windows tokens.
https://github.com/0xbadjuju/Tokenvator

WheresMyImplant: A C# Bring-Your-Own-Land toolkit

WheresMyImplant contains the tooling necessary to gain and maintain access to a target system. It can also be installed as a WMI provider for covert long-term persistence.
https://github.com/0xbadjuju/WheresMyImplant

SQLC2

SQLC2 is a PowerShell script for deploying and managing a command and control system that uses SQL Server as both the control server and the agent. At its core, SQLC2 is just a PowerShell script, a TSQL script, and a few tables in a SQL Server instance that track agents, commands, and results. Nothing too fancy, but it may prove to be useful on some engagements.
https://blog.netspi.com/databases-and-clouds-sql-server-as-a-c2/
https://github.com/NetSPI/SQLC2

goddi (Go Dump Domain Info)

These tools are a great starting point for gaining insight into an Active Directory environment.

Read about the goddi tool on our blog. 
Learn more on our GitHub page.

JavaSerialKiller

Burp extension to perform Java Deserialization Attacks using the ysoserial payload generator.

Read about JavaSerialKiller on our blog
Download JavaSerialKiller from GitHub

WebLogicPasswordDecryptor

PowerShell module and Java code to decrypt WebLogic passwords.

Read about WebLogicPasswordDecryptor on our blog
Download WebLogicPasswordDecryptor from GitHub
